U.S. companies have seen an uptick in business email compromise scams and the dollar losses that go with them, according to a study conducted by Zogby Analytics for The Hartford Steam Boiler Inspection and Insurance Company (HSB).
Of 403 senior business executives polled in the U.S., 58% said threatening emails had increased in the past year. And 37% have received emails pretending to be from a senior manager or a vendor.
Worse, 47% of employees had responded to such emails by transferring company funds, with 37% of such losses ranging from $50,000 to $100,000. Only 11% fell below $10,000.
In addition to stealing money, cyber attackers also seek W2 forms, Social Security numbers and other personal information, the study notes.
The report cites that FBI estimates global losses from business email compromise attacks totaled $12.5 billion between October 2013 and May 2018, of which $2.9 billion was lost in the United States.
“Whether it’s a phishing scheme or malware, most cyber attacks start with an email,” said Timothy Zeilman, vice president for HSB. “Even companies that have information security training and fairly savvy employees fall victim to these deceptions.”
HSB, a part of Munich Re, is an insurer and provider of inspection, risk management and IoT technology services.